CVE-2025-69383

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Agence web Eoxia - Montpellier WP shop wpshop allows PHP Local File Inclusion.This issue affects WP shop: from n/a through = 2.6.1...

CVE-2025-69383

CVE-2025-69383 affects the WordPress plugin WP shop (wpshop) for isssueed versions up to and including 2.6.1. The vulnerability is an Unauthenticated Local File Inclusion caused by an improper control of filename for include/require statements . This can enable an attacker to include local files....

WordPress WP shop plugin <= 2.6.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Skalucy in WordPress Plugin WP shop versions = 2.6.1...

WordPress Shop as a Customer for WooCommerce Plugin < 1.2.4 is vulnerable to Privilege Escalation

Software Shop as a Customer for WooCommerce Type Plugin Vulnerable versions 1.2.4 Fixed in 1.2.4 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE N/A Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID 10934473fa31 Credi...

WordPress Shop as a Customer for WooCommerce Plugin < 1.1.8 is vulnerable to Privilege Escalation

Software Shop as a Customer for WooCommerce Type Plugin Vulnerable versions 1.1.8 Fixed in 1.1.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE N/A Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 05b83bfeee18 Credits...

CVE-2022-36793

Unauthenticated Plugin Settings Change & Data Deletion vulnerabilities in WP Shop plugin = 3.9.6 at WordPress...

WordPress Shop Page WP plugin <= 1.2.7 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Mika in WordPress Shop Page WP plugin versions = 1.2.7. Solution Update the WordPress Shop Page WP plugin to the latest available version at least 1.2.8...